package com.yr.ryjk.sysuser;

import java.util.Date;
import java.util.Map;

import javax.servlet.http.HttpSession;
import javax.validation.Valid;

import org.hibernate.validator.constraints.NotBlank;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.util.DigestUtils;
import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;

import com.yr.ryjk.common.Constant;
import com.yr.ryjk.common.ErrorType;
import com.yr.ryjk.interceptor.authority.For;
import com.yr.ryjk.interceptor.authority.UserType;
import com.yr.ryjk.sysuser.entity.Permission;
import com.yr.ryjk.sysuser.entity.SysUser;
import com.yr.ryjk.sysuser.service.ISuService;
import com.yr.ryjk.util.JSONUtil;

/**
 * 系统用户
 * @author zhangkai
 */
@Controller
@RequestMapping("/su")
public class SuController {
	@Autowired
	private ISuService suService;
	
	/**
	 * 分页获取数据
	 * @param pageNo
	 * @param pageSize
	 * @return
	 */
	@For(user=UserType.WEBSERVER_USER)
	@RequestMapping(value = "/list", method = RequestMethod.GET)
	@ResponseBody
	public Map<String, Object> list(@RequestParam(value = "pageNo", defaultValue = "1") int pageNo,
			@RequestParam(value = "pageSize", defaultValue = "10") int pageSize,String suName,String suAddman) {
		return JSONUtil.getJSON(ErrorType.SUCCESS,
				suService.getListOfPage(pageNo, pageSize,suName,suAddman));
	}
	
	/**
	 * 新增系统用户
	 * @param sysuser
	 */
	@For(user=UserType.WEBSERVER_USER)
	@RequestMapping(value = "/add", method = RequestMethod.POST)
	@ResponseBody
	public Map<String, Object> addSysUser(@ModelAttribute @Valid SysUser sysuser,HttpSession session) {
		SysUser su = (SysUser)session.getAttribute(Constant.su_in_session);
		sysuser.setSuAddMan(su.getSuName());
		sysuser.setSuAddTime(new Date());
		return suService.addSysUser(sysuser);
	}
	
	/**
	 * 删除系统用户
	 * @param suName
	 * @return
	 */
	@For(user=UserType.WEBSERVER_USER)
	@RequestMapping(value = "/delete", method = RequestMethod.GET)
	@ResponseBody
	public Map<String, Object> delete(@RequestParam("suName") @NotBlank String suNames) {
		suService.deleteSysUsers(suNames);
		return JSONUtil.getJSON(ErrorType.SUCCESS);
	}
	
	/**
	 * 修改密码
	 * @param oldpw
	 * @param newpw
	 * @param session
	 * @return
	 */
	@For(user=UserType.WEBSERVER_USER)
	@RequestMapping(value = "/modifypw", method = RequestMethod.POST)
	@ResponseBody
	public Map<String, Object> modifypw(String oldpw, String newpw,	HttpSession session) {
		//获得session中保存的系统用户对象
		SysUser su = (SysUser) session.getAttribute(Constant.su_in_session);
		//比较在页面上获得的oldpw与session中的密码是否为同一个用户
		oldpw=DigestUtils.md5DigestAsHex(oldpw.getBytes());
		if (oldpw.equals(su.getSuPassword())) {
			String suName = su.getSuName();
			//通过用户的用户名更新数据库中的系统用户密码
			suService.updateSysUserPw(suName, DigestUtils.md5DigestAsHex(newpw.getBytes()));
			return JSONUtil.getJSON(ErrorType.SUCCESS);
		}else{
			return JSONUtil.getJSON(ErrorType.PASSWORD_ERROR);
		}
	}
	
	/**
	 * 登录,不拦截
	 * @param name
	 * @param pwd
	 * @param session
	 * @return
	 */
	@RequestMapping(value = "/login", method = RequestMethod.POST)
	@ResponseBody
	public Map<String, Object> login(String name,String pwd,HttpSession session) {
		SysUser sysuser=suService.getSysUserByNameAndPwd(name,pwd);
		if (sysuser!=null) {			
			session.setAttribute(Constant.su_in_session,sysuser);
			return JSONUtil.getJSON(ErrorType.SUCCESS);
		}
		return JSONUtil.getJSON(ErrorType.SERVER_ERROR);
	}

	/**
	 * 退出
	 * @param session  
	 * @return
	 */
	@RequestMapping("/logout")
	public String logout(HttpSession session){
		session.invalidate();
		return "redirect:/login.jsp";
	}
	
	/**
	 * 加载权限
	 * @param suName
	 * @return
	 */
	@RequestMapping(value="/permission/load",method=RequestMethod.GET)
	@ResponseBody
	public Map<String, Object> loadPermission(@RequestParam("suName") @NotBlank String suName){
		Permission p=suService.getPermission(suName);
		return JSONUtil.getJSON(ErrorType.SUCCESS,p);
	}
	
	/**
	 * 修改用户权限
	 * @param permissions
	 * @return
	 */
	@RequestMapping(value="/modifyPermission",method=RequestMethod.POST)
	@ResponseBody
	public Map<String, Object> modifyPermission(@RequestParam("permissions") @NotBlank String permissions,
			@RequestParam("suName") @NotBlank String suName){
		return suService.modifyPermission(suName,permissions);
	}
}